package com.pp.third.remote.config;

import com.pp.third.remote.feign.ThirdAuthFeignService;
import com.pp.third.remote.service.CustomeFeignTokenServices;
import lombok.Data;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.web.cors.CorsConfigurationSource;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;


/**
 * Feign调用
 */
@Slf4j
@Data
public class FeignResourceServerConfig extends ResourceServerConfigurerAdapter implements InitializingBean {

    private String clientId;

    private String clientSecret;

    private List<String> ignoreUrls = new ArrayList<>();

    @Autowired
    private JwtAccessTokenConverter accessTokenConverter;

    @Resource
    private ThirdAuthFeignService thirdAuthFeignService;

    @Autowired
    private CorsConfigurationSource corsConfigurationSource;

    //@Autowired
    //private OAuthThirdProperties oAuthThirdProperties;

    public FeignResourceServerConfig() {
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.tokenServices(tokenServices()).stateless(true);
    }

    @Bean
    public ResourceServerTokenServices tokenServices() {
        CustomeFeignTokenServices tokenServices = new CustomeFeignTokenServices();
        tokenServices.setAccessTokenConverter(accessTokenConverter);
        tokenServices.setThirdAuthFeignService(thirdAuthFeignService);
        return tokenServices;
    }

    /**
     * 默认的配置，对外暴露
     *
     * @param httpSecurity
     */
    @Override
    @SneakyThrows
    public void configure(HttpSecurity httpSecurity) {
        String[] permitMethods = new String[]{};//oAuthThirdProperties.getPermitMethod().toArray(new String[0]);

        httpSecurity.headers().frameOptions().disable();
        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();
        ignoreUrls.forEach(url -> registry.antMatchers(url).permitAll());
        Arrays.asList(permitMethods).forEach(url ->  registry.antMatchers(url).permitAll());

        //跨域配置
        registry.and().cors().configurationSource(corsConfigurationSource);
        registry.and().csrf().disable();
        //过滤swagger
        //httpSecurity.authorizeRequests().antMatchers(permitMethods).permitAll();
        //拦截请求
        httpSecurity.authorizeRequests().anyRequest().authenticated();
    }

    @Override
    public void afterPropertiesSet() throws Exception {
        /*if (permitUrlServiceList != null) {
            log.info("ignoreUrls.before.{}", ignoreUrls);
            permitUrlServiceList.forEach(permitUrlService -> {
                permitUrlService.registerUrl(ignoreUrls);
            });
            log.info("ignoreUrls.after.{}", ignoreUrls);
        }*/
    }
}